Journal of Applied Mathematics

Volume 2015, Article ID 516104, 10 pages

http://dx.doi.org/10.1155/2015/516104

## Degeneralization Algorithm for Generation of Büchi Automata Based on Contented Situation

^{1}School of Software, Tsinghua University, Beijing 100084, China

^{2}Credit Reference Center, People’s Bank of China, Beijing 100800, China

^{3}Department of Mathematical Sciences, Tsinghua University, Beijing 100084, China

Received 7 September 2014; Revised 15 December 2014; Accepted 16 December 2014

Academic Editor: Carlos Conca

Copyright © 2015 Laixiang Shan et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

#### Abstract

We present an on-the-fly degeneralization algorithm, different from the standard degeneralization algorithm, for transforming generalized Büchi automata (GBA) into Büchi automata (BA). The contented situation, which records what acceptance conditions are satisfiable during the expansion of LTL formulae, is attached to the states and transitions in the BA. In order to get a deterministic BA, the Shannon expansion is used recursively when we expand LTL formulae by applying the tableau rules. The on-the-fly degeneralization algorithm is carried out in each step of the expansion of LTL formulae. Ordered binary decision diagrams are used to represent the BA and simplify LTL formulae. The temporary automata are stored as a syntax directed acyclic graph in order to save storage space. These ideas are implemented in a conversion algorithm used to build a property automaton corresponding to the given LTL formulae. We compare our method to previous work and show that it is more efficient for four sets of random formulae generated by LBTT.

#### 1. Introduction

Model checking [1] is a formal verification technique used to check whether a model of the system verifies some desired properties for software or hardware systems. In order to verify whether the system satisfies some properties, a common method is to use linear temporal logic (LTL) model checking. When the given property is expressed in an LTL formula, the model checker usually transforms the negation of the LTL formula into a Büchi automaton (BA), builds the product of this BA with the system described as an automaton, and checks the emptiness of the product automaton. The size of the product automaton is usually exponential in the size of the system automaton and property automaton, because it is a Cartesian product of the system automaton and property automaton. If there are too many states and transitions, the product automaton will get too big to be verified in the available time. Generating a smaller and more deterministic property automaton in less time contributes to improving the efficiency of model checking.

There are many outstanding conversion tools that implement the translation from an LTL formula to a BA effectively. Babiak et al. [2] proposed a series of measures to improve the performance of the conversion algorithm presented by Gastin and Oddoux [3] and implemented a new conversion tool, LTL3BA, which translates an LTL formula into a very weak alternating automaton (VWAA) with a co-Büchi accepting condition. The VWAA is then translated into a transition based generalized Büchi automaton (TGBA). Finally, the TGBA is degeneralized into a BA. The time complexity of the alternation removal is , which is the same magnitude as alternation removal of tableau-based algorithm [4]. Duret-Lutz [5] introduced many improvements to the performance of the algorithm proposed by Couvreur [6]. These improvements have been applied in Spot, which is a C++ library for model checking. Spot uses TGBA to represent LTL formulae as automata. Gerth et al. [7] proposed a classic algorithm that translates an LTL formula into a generalized Büchi automaton (GBA). This algorithm is a tableau-based translation method in on-the-fly fashion and has been applied in Spin [8].

In order to obtain a BA from the given LTL formula, [2, 3, 5, 7] involve the intermediate automata (GBA or TGBA), perform simplification on the intermediate automata, and transform the intermediate automata into BA finally. Clarke et al. presented a standard degeneralization algorithm used to transform GBA into BA in Section 9.2.2 of [1]. This standard degeneralization algorithm is also adapted to transform a TGBA into a BA [3, 9]. Furthermore, Duret-Lutz proposed a better degeneralization algorithm based on the standard degeneralization algorithm in Section 4.2.2 of [5], which is related to the order in which the corresponding BDD variables were declared. Babiak et al. [10] presented the SCC-based degeneralization including many improvements to the standard degeneralization algorithm used to transform a TGBA into an equivalent BA. Chatterjee et al. [11] proposed the definition of the degeneralization index applied to transform the automaton with generalized Rabin pairs into a Rabin automaton.

However, the standard degeneralization algorithm is used to transform a GBA or a TGBA into a BA, only when the expansion of LTL formulae is finished. We say that the standard degeneralization algorithm is a kind of postdegeneralization algorithm. The intermediate automata are needed to record the expansion of LTL formulae in the use of standard degeneralization algorithm. The standard degeneralization algorithm can transform a TGBA with states and acceptance conditions into an equivalent BA with one acceptance condition and at most states [12]. We have to search possible degeneralizations.

In this paper, we present an on-the-fly degeneralization algorithm that transforms a GBA or a TGBA into an equivalent BA while LTL formulae are being expanded. We circumvent the intermediate automata and translate an LTL formula to a BA directly. Our method differs from the previous translation algorithms [2, 3, 5, 7] in two ways.

(1) The *contented situation*, which is a set of acceptance conditions, is attached to the states and transitions in the BA. According to the contented situation, we can determine which acceptance conditions are satisfied in the current state or transition.

(2) The process of degeneralization is carried out in each step of the expansion of LTL formulae. LTL formulae can be translated to the BA directly. The intermediate automata are no longer needed.

Our research focuses on an efficient conversion algorithm producing a BA corresponding to an LTL formula directly. The contented situation is attached to the states and transitions in the BA in order to track whether the acceptance condition is satisfiable. The BA is described by ordered binary decision diagrams (OBDDs) and stored as a syntax directed acyclic graph (DAG). The on-the-fly degeneralization algorithm is used to degeneralize the GBA into a BA during the expansion. BA simplification is applied in the algorithm in order to reduce the size of the resulting automaton. In order to get a deterministic BA, the Shannon expansion is used recursively when we expand LTL formulae by applying the tableau rules. These measures improve the efficiency of the algorithm considerably, especially when expanding formulae containing a large number of -subformulae.

The rest of this paper is organized as follows. In Section 2, we provide preliminary notions used in this paper. Then, we describe the main ideas of our approach in Section 3. Overview of the algorithm is introduced in Section 4. In Section 5, a comparison between our method and previous works is presented. Finally, Section 6 closes the paper with conclusions.

#### 2. Preliminaries

LTL, a modal temporal logic with modalities referring to time, is usually used to describe system constraints in formal methods. Let represent a finite set of atomic propositions. Let represent the set of subsets of . Let represent the set of propositional formulae induced by .

*Definition 1 (syntax of LTL formulae). *An LTL formula is usually composed of atomic propositions (), proposition constants ( (True) and (False)), the logical operators ( (not), (and), and (or)), and the temporal modal operators ( (Next), (Until), (Release), (Always), and (Eventually)). Formally, the syntax of LTL formulae is defined inductively as follows:(i), , and are LTL formulae, respectively;(ii), , , , , , , and are LTL formulae, if and are LTL formulae, respectively.

-formula is the dual of -formula. , , -formula can be translated to -formula by the following identities:(i);(ii);(iii).

*Definition 2 (Kripke structure). *A Kripke structure is a tuple where is a finite set of states. is , a transition relation between states. is , labeling of the states.

*Definition 3 (semantics of LTL formulae). *Let be a Kripke structure, and let be an infinite word in . denotes the suffix starting at letter . The semantics of LTL formulae is defined inductively as follows:(i);(ii) iff , for ;(iii) iff ;(iv) iff and ;(v) iff or ;(vi) iff ;(vii) iff , ;(viii) iff , ;(ix) iff , and , ;(x) iff , and , and .

*Remark 4. *Every LTL formula can be rewritten as an equivalent LTL formula in negation normal form (NNF), where operator occurs only immediately in front of atomic propositions and , , and are the only allowed Boolean connectives. In this paper, we consider only such formulae. The NNF formula can be translated to an equivalent LTL formula by the following identities:

*Definition 5 (Büchi automata). *Büchi automaton is a kind of -automata in which acceptance conditions are carried by the states. It is also called state-based Büchi automata that is a tuple , where is a finite set of states. is a finite input alphabet, . is a transition function. is a set of initial states. is a set of acceptance states. Let be an infinite word of . An infinite sequence is a run of , where is an initial state and for all . denotes the set of all runs of . Let Inf denote the set of states that appear infinitely often in . The run is accepted by , if and only if with Inf. An infinite word is accepted by , if some run of over is accepted.

*Definition 6 (transition based generalized Büchi automata). *Transition based generalized Büchi automaton (TGBA) is a Büchi automaton in which the set of subsets of acceptance conditions are carried by the transitions. It can be defined as a tuple , where is a finite set of states. is a finite set of atomic propositions. is a transition relation, where each transition is labeled by a Boolean formula and a set of acceptance conditions. is a set of initial states. is a finite set of acceptance conditions, is the number of acceptance conditions, and is the set of the subsets of acceptance conditions. An infinite sequence is a run of , where , , , and for all . denotes the set of all runs of . Let Inf denote the set of transitions that appear infinitely often in . The run is accepted by , if and only if , with Inf. The accepting runs of visit each acceptance set infinitely often.
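For reference, the standard post-expansion degeneralization that the Introduction contrasts with the on-the-fly method can be written as the usual counter construction from a TGBA (Definition 6) to a state-based BA (Definition 5). This is an added example, not code from the paper or from any of the cited tools; the function names, the string letters and the one-state TGBA for GF a ∧ GF b are constructed for illustration.

```python
from collections import deque

def degeneralize(init, trans, m):
    """Counter construction: TGBA with m acceptance conditions -> BA.

    trans maps a state to a list of (letter, acc, dst), where acc is the
    set of acceptance-condition indices (0..m-1) carried by the transition.
    BA states are pairs (tgba_state, level); level m is accepting.
    """
    def step(level, acc):
        j = 0 if level == m else level   # leaving the accepting level restarts
        while j < m and j in acc:        # skip each condition this edge satisfies
            j += 1
        return j

    ba_init = {(q, 0) for q in init}
    ba_trans, todo = {}, deque(ba_init)
    while todo:                          # explore reachable pairs only
        q, level = todo.popleft()
        if (q, level) in ba_trans:
            continue
        ba_trans[(q, level)] = out = []
        for letter, acc, dst in trans.get(q, []):
            nxt = (dst, step(level, acc))
            out.append((letter, nxt))
            todo.append(nxt)
    accepting = {s for s in ba_trans if s[1] == m}
    return ba_init, ba_trans, accepting

def accepts_loop(ba, loop):
    """Does a deterministic BA with one initial state accept loop^omega?"""
    (state,), ba_trans, accepting = ba
    seen, path, i = {}, [], 0
    while (state, i) not in seen:        # follow the run until it cycles
        seen[(state, i)] = len(path)
        path.append(state)
        state = next(d for l, d in ba_trans[state] if l == loop[i])
        i = (i + 1) % len(loop)
    return any(s in accepting for s in path[seen[(state, i)]:])

# Constructed TGBA for GF a & GF b: one state, condition 0 = "a seen",
# condition 1 = "b seen"; each letter names the propositions that are true.
TGBA = {"s": [("ab", {0, 1}, "s"), ("a", {0}, "s"),
              ("b", {1}, "s"), ("", set(), "s")]}
BA = degeneralize(["s"], TGBA, 2)
```

The single TGBA state is copied once per level 0..2, and only the level-2 copy is accepting, so a word is accepted exactly when both conditions keep recurring.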

#### 3. Details of Our Approach

In this section, we introduce our ideas and the details of our approach. The next section gives an overview of the algorithm implementation.

##### 3.1. Tableau Rules

Tableau rules [7] are often used to translate an LTL formula into a BA. The process of translation is as follows. First, an LTL formula , which is rewritten as NNF, is defined as the labeling of the initial state. Then, is expanded by applying the tableau rules recursively until no -subformulae occur at the top level. The expansion of the formula is rewritten as a *cover* by computing its disjunctive normal form (DNF). Each disjunct of the *cover* represents a state of the automaton. All propositional literals represent the label of the states, which are the acceptance conditions satisfied in this state. The -formulae represent the label of the next state and determine the transitions leaving the current state. The transitions are obtained by connecting each state to its successors. The tableau rules for LTL formulae are listed in Table 1. The automata constructed by the tableau rules are state-based Büchi automata.
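The expansion just described, as an added sketch that is not the paper's implementation: it assumes the standard expansion identities for Until (U) and Release (R), since Table 1 is not reproduced here, encodes NNF formulae as nested tuples, and omits acceptance conditions, OBDDs and the Shannon expansion.

```python
from functools import reduce

TRUE = ("true",)

def consistent(lits):
    # A disjunct holding both p and (not p) is unsatisfiable and is dropped.
    return not any(("not", l) in lits for l in lits)

def cover(f):
    """Expand an NNF formula into its DNF cover.

    Each disjunct is a pair (literals that must hold now,
    formulae that must hold in the next position)."""
    op = f[0]
    if op == "true":
        return {(frozenset(), frozenset())}
    if op == "false":
        return set()
    if op in ("ap", "not"):
        return {(frozenset([f]), frozenset())}
    if op == "X":
        return {(frozenset(), frozenset([f[1]]))}
    if op == "or":
        return cover(f[1]) | cover(f[2])
    if op == "and":
        return {(l1 | l2, n1 | n2)
                for l1, n1 in cover(f[1]) for l2, n2 in cover(f[2])
                if consistent(l1 | l2)}
    if op == "U":   # f1 U f2  ==  f2 or (f1 and X(f1 U f2))
        return cover(("or", f[2], ("and", f[1], ("X", f))))
    if op == "R":   # f1 R f2  ==  f2 and (f1 or X(f1 R f2))
        return cover(("and", f[2], ("or", f[1], ("X", f))))
    raise ValueError(f"unknown operator {op!r}")

def build(f):
    """Explore all disjuncts reachable from f; each one is a state."""
    init = cover(f)
    edges, todo = {}, list(init)
    while todo:
        s = todo.pop()
        if s not in edges:
            # Successors are the cover of the conjunction of s's X-obligations.
            edges[s] = cover(reduce(lambda g, h: ("and", g, h), s[1], TRUE))
            todo.extend(edges[s])
    return init, edges

# Constructed sample formula: a U b.
a, b = ("ap", "a"), ("ap", "b")
A_UNTIL_B = ("U", a, b)
```

`build(A_UNTIL_B)` yields three states: the disjunct labelled `b` with no obligation, the disjunct labelled `a` that carries `a U b` forward, and the unconstrained state reached once `b` has held.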